Trojan.Win32.Agent.bxj

Hello, I recently ran Kaspersky online Scanner and the report stated I had one virus that infected 17 objects. It listed 'Infected: Trojan.Win32.Agent.bxj' on all 17 files. What is Trojan.Win32.Agent.bxj? How can I remove it? Any help,assistance, or direction would greatly be appreciated!

Error: 1146 Table 'majorgee_mac.esselbach_st_dlweekly' doesn't exist. I obtain this error message when trying to access certain web sites. I don't know what this error is and more importantly how to fix it. These are sites I have been able to access in the past w/out any complications. Any suggestions?

Alright, here it goes. Online virus scanner, these were the results however it didn't fix them, Vulnerability in vector markup language could remote code execution (929969), cumulative security updated for internet explorer (931768),cumulative sercurity update for internet explorer (933566), MS07-045, MS07-050. I clicked the fix errors button, a new scan occured and the same results were listed. As for Panda Antirootkit, no rootkits. The AVG-Anti-Virus, no threats were found. SS&D, no problems. Do I need to change it back from advanced mode to default mode yet? Ad-Aware personal se found two cookies and I deleted them. Also, nothing was found on the vundofix and VirtumundoBeGone. I have attached the AVG Antispyware (report scan), Comobix, and HijackThis as requested. Let me know my next course of action. Thanks!

1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

2. Download the attached avengerscript.txt and save it to your desktop

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by double clicking on its icon on your desktop.

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh Combofix log.

Can you please gibve me some links to the websites you`re having problems with?

Regards Howard

This thread is for the use of Valerie1 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in oursecurity and the web forum.

Attached Files:

Attached is the avenger text per your request. The combofix is presenting some problems. I tried to run it on several occassions. Each time the message stated combofix is preparing to run, could not find the file, then it would advance to the next screen stating it could take 10 minutes or longer. The next thing a would recieve a pop stating combofix has detected the presence of rootkit activity and needs to reboot. It rebooted over four times and still kept displaying the same information. I ran the AVG anti-rootkit, it came back clean. Ever since I ran combofix, my firewall is being disable. Each time I start my computer a message appears that my firewall is off. I go and turn it back on. Also, each time I start up my computer my display settings,times, and other things are different. I have to go and change them.

As far as the websites, the ones I was receiving the error messages for. I am able to access them now w/out any complications or problems.

alright, just wanted to let you know that i believe to have the comodo firewall working properly again. as far as the changes that kept occurring after i logged off and on, they longer seem to occur. i just now have about twenty connections trying to access. i just have been denying them for now because i honestly have no idea what they are. i can create a separate log for those or just wait until we finish up here. thanks!

glad to hear that the files are clean, so i no longer have trojan.win32.agent.bxj? here's a few of the programs that are trying to access,
aolsoftware.exe, explorer.exe, ehrec.exe, svchost.exe, mmcomponentmgr.exe (the message that displays w/this program, discover drop and display system are trying to act as servers and when i deny i receive a pop up that socket initialization failed), disstreamhub.exe (same message that it is trying to act server), avginet.exe. just started w/a few because there are many more

also, the online scanner that i ran @ the beginning, i recall it didn't find any errors just some vulnerabilities, will some of the programs that installed handled them or is there anything else that i need to do to protect myself from further malware,viruses, trojans, etc. i know i'm getting off the subject, sorry, just want to make sure my pc is fully protected. thanks again howard for all your patience and support during this time. i really do appreciate everything you have done so far to help me.

alright, i did the system restore and files :\System Volume Information\_restore Infected: Trojan.Win32.Agent.bxj are no longer there when I ran the kaspersky online scanner. That's great! The bad news is now its show other malware. This is what it came up with